Friday, October 7, 2016

Bug BadKernel is a danger to everyone … – Hacker – Hacker

Presents a new report on the vulnerability known as BadKernel. This bug was discovered in the V8 JavaScript engine in 2015, and the problem appeared in version 3.20-4.2. Although the vulnerability was fixed a year ago, the researchers write that many devices, including devices from LG, Samsung, Motorola and Huawei, are still at risk.

In 2015, experts Qihoo 360 found a bug in the V8 JavaScript for use which the attacker was enough to lure a victim to a malicious web page. RCE-vulnerability gives the attacker practically complete control over the victim device, allowing you to intercept SMS messages, the data from the camera, to steal passwords and information from the device memory to know the location of the victim and so on. Before the problem BadKernel was vulnerable not only Chromium, and applications built based on it, but the WebView which also uses V8 JavaScript.

since WebView is used in many third party apps (WeChat, Facebook, Twitter, Gmail and so on), the problem turned out to be very high. Worse, the affected version of WebView was defaulted to Android, starting from version 4.4.4 to version 5.1.

In 2015, the experts were informed that the V8 JavaScript problem also extends to various SDK, for example, Tencent X5.SDK. This meant that the applications created using the SDK data, is also vulnerable to attacks BadKernel. One of them became popular in China QQ, QQ Space, Jingdong, 58 City, Sohu and Sina News.

Although the fix for the problem BadKernel was presented in 2015, the researchers write that many vulnerable versions of the V8 JavaScript still are part of various applications. Some applications are not updated by the developers forget to update other users.

“In the United States and Europe about the problem BadKernel still know very little, as researchers at Qihoo 360, who discovered the vulnerability, has published all the data about it in the Chinese language that made them inaccessible to the rest of the world” — says the expert Trustlook Mobile Security Clark Dong (Dong Clark).

the Company Trustlook Mobile Security has decided to convey information about the problem to the rest of the world and submitted its own report on the issue. On the company’s website also published a long list of vulnerable problem BadKernel devices, which includes gadgets such manufacturers as Alcatel, Asus, HTC, Huawei, Lenovo, LG, Motorola, Samsung, Sony and so on. Experts write that BadKernel is a threat to 41,48% of all Samsung smartphone models, of 38.89% of all smartphones Huawei , 26,67% of the models of Motorola and of 21.93% devices LG.

According Trustlook Mobile Security, the largest number of vulnerable devices is concentrated in Peru, there BadKernel is a danger to every fifth Android-device. Followed by France (14.7 per cent), Nigeria (12.4 per cent), Bangladesh (10.2 per cent) and Thailand (9.4 per cent).

According to the report, the most “leaky” are the built-in browsers LG (vulnerable to 75.1% of all installations), followed by followed by browsers Samsung (41% of all installations vulnerable), and the problem can be seen in the mobile versions of Google Chrome (11% vulnerable installations).